January 08, 2013

Passwords Become Weaker As Hackers Become Stronger

Due to real-world information, access to personal online information is continually under assault. In recent years, many hackers have been able to quickly circumvent login credentials as a way to gain access and expose valuable online information. As a result, gaining access to a single account belonging to an individual often allows them to compromise every account belonging to the same person.

Online hackers and cyber criminals have long known that human behavior dictates how individuals use the same password across all of their account platforms. The same password combination an individual might use to gain access into their Twitter account might also be the one that allows them to enter their online banking account. Only when online hackers, attackers and cyber criminals brag about their accomplishments online, do individuals realize that their online information security has been breached.

Weakening Passwords

Passwords that were once considered strong enough have now become weak. The danger of these weakening passwords is now easier to recognize. Companies that gather online user name and password combinations now understand how any security breach outside of their system can generate huge vulnerability deep inside their own networks.

The old techniques of password cracking have advanced farther than nearly everyone had realized. However, the ingrained habits of using aging password combinations continue to be the same, from both individuals and businesses. In essence, the security once thought to be a stronghold against hackers has never been in a weaker position.

The Same Password in Multiple Accounts

On average, common online users typically maintain approximately 25 to 30 separate accounts but rarely have more than five or six passwords to protect all of them. Through a process called “password reuse” mixed together with the overuse of email addresses as a user ID or username,hackers & cyber criminals can quickly pluck login credentials from an individual’s single site. They will use this information to compromise dozens more of the individual’s accounts, using the same password.

Advancing Hacking Technology

Advancing hacking technologies and innovative hardware, like graphic processors, is used to assist cyber criminals in password cracking.Graphics processors have long been known to be effective password cracking tools that function many thousands of times quicker than they did just 10 years ago. Now, hackers can generate well over 8 billion password combinations every second, based on the type of algorithm they use to scramble each one. Just 10 years ago, the method would have required super computers to process the same information as quick.

The more advanced hackers become, the easier it is to develop simple PCs that house multiple GPUs that can generate the results 3 to 5 times quicker than using a single graphics processor. Additionally, there are free password cracking programs available to anyone with an online connection that requires only minimal tinkering to adjust the settings, based on the hacker’s needs.

Pooling Hacker Resources

Hackers use online forums to gather viable information on the best way to attack online users. Using tools to pool their resources together, they can use their shared knowledge to develop account cracking passwords. Through discussion with each other they can create new ways of harvesting online information within hours.

Additionally, as hackers begin to brag about their account cracking password results, many more attackers tend to want to get in on a good thing. Some of the information they share includes the harvest of over 100 million real-world passwords they have already been able to gather. The hackers can study similarities in the lists to gain valuable insight on how online users from every walk of life choose passwords and passphrases for a variety of settings or sites.

This information compounds the gains from powerful hardware for faster and more accurate password attacking results. Where just a few years ago it was extremely difficult to crack an all lowercase, 8-character password, today it takes less than a minute, a symbol or number will only buy you a couple of hours. Currently, no one is safe by simply using a password to safe guard their account.

Finding Online Protection

Lately, companies are springing up that have the ability to help large companies and concerned individuals who need to totally safeguard their valuable non-trivial online information. These companies are experts at spotting weaknesses long before any criminal hacking attack or can exploit them to gain access to the secured valuable information. To be effective, the company needs to stay well ahead of the problem, and continually keep a breast of the newly develop methods hackers use.

Creating passwords and passphrases that are brute-force resistant is required for every account used to safeguard information. As more individuals take to the Internet for all of their personal or company business, they will be creating even more accounts that need continual protection against hacking. This is where a purpose-built password management system like the AuthAnvil Password Server comes into play. Instead of users being limited by their memory, 48 or 64 character passwords become feasible. Check out the Password Management Playbook below to learn more about AuthAnvil and advanced password management practices.